diff --git a/core/api/auth.py b/core/api/auth.py
index 269ac9594efaa564316faec91a971d35686dae4c..51f942a163bbf9cb54b17170a8713371ff928d8d 100644
--- a/core/api/auth.py
+++ b/core/api/auth.py
@@ -6,8 +6,8 @@ import requests
 from django.contrib.auth.models import User
 from django.shortcuts import render
 from django.urls import reverse
-from rest_framework import generics, status, serializers, HTTP_HEADER_ENCODING
-from rest_framework.decorators import api_view, authentication_classes
+from rest_framework import generics, status, serializers, HTTP_HEADER_ENCODING, permissions
+from rest_framework.decorators import api_view, authentication_classes, permission_classes
 from rest_framework.response import Response
 from knox.auth import TokenAuthentication
 from knox.models import AuthToken
@@ -180,6 +180,20 @@ def validate_token(request):
         return Response({'valid': 'false'})
 
 
+@api_view(['DELETE'])
+@authentication_classes([])
+# @permission_classes([permissions.IsAuthenticated])
+def delete_account(request):
+    try:
+        authenticator = TokenAuthentication()
+        user, auth_token = authenticator.authenticate(request)
+        if user and auth_token:
+            user.delete()
+            return Response({'msg': 'Delete successfully.'})
+    except:
+        return Response({'msg': 'Failed to delete this account.'}, status=status.HTTP_401_UNAUTHORIZED)
+
+
 def verify_user_and_activate(request, token):
     try:
         auth = AuthToken.objects.filter(digest=token).first()
diff --git a/core/urls.py b/core/urls.py
index b8b9db70cf19a849ea8ba03589047bb52ed17b66..bcf2c32033bf0192cafb341fffdae156083bccae 100644
--- a/core/urls.py
+++ b/core/urls.py
@@ -2,7 +2,7 @@ from django.urls import path, include
 from knox import views as knox_views
 from rest_framework import routers
 
-from core.api.auth import RegisterAPI, LoginAPI, AppleLogin, GoogleLogin, FacebookLogin, validate_token, verify_user_and_activate
+from core.api.auth import RegisterAPI, LoginAPI, AppleLogin, GoogleLogin, FacebookLogin, validate_token, delete_account, verify_user_and_activate
 from core.api.password import ChangePasswordView
 from core.api.profile import ProfileViewSet
 from core.api.coupon import CouponViewSet
@@ -24,6 +24,7 @@ urlpatterns += [
     path('api/auth/google', GoogleLogin.as_view(), name='google_login'),
     path('api/auth/facebook', FacebookLogin.as_view(), name='facebook_login'),
     path('api/auth/validate-token', validate_token, name='validate-token'),
+    path('api/auth/delete-account', delete_account, name='delete-account'),
     # passwd
     path('api/change-password', ChangePasswordView.as_view(), name='change-password'),
     path('api/password_reset/', include('django_rest_passwordreset.urls', namespace='password_reset')),